CN112560015A - Password updating method, device, equipment and storage medium of electronic equipment - Google Patents

Password updating method, device, equipment and storage medium of electronic equipment Download PDF

Info

Publication number
CN112560015A
CN112560015A CN202011496887.XA CN202011496887A CN112560015A CN 112560015 A CN112560015 A CN 112560015A CN 202011496887 A CN202011496887 A CN 202011496887A CN 112560015 A CN112560015 A CN 112560015A
Authority
CN
China
Prior art keywords
password
electronic equipment
login
electronic device
updating
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202011496887.XA
Other languages
Chinese (zh)
Inventor
曹亮
郝利民
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Apollo Zhilian Beijing Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd filed Critical Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN202011496887.XA priority Critical patent/CN112560015A/en
Publication of CN112560015A publication Critical patent/CN112560015A/en
Priority to EP21181679.8A priority patent/EP3869366B1/en
Priority to KR1020210086403A priority patent/KR102581873B1/en
Priority to JP2021110576A priority patent/JP2021166401A/en
Priority to US17/383,193 priority patent/US11880450B2/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating
    • G06F16/2379Updates performed during online database operations; commit processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/41User authentication where a single sign-on provides access to a plurality of computers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2131Lost password, e.g. recovery of lost or forgotten passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Abstract

The application discloses a password updating method, a password updating device, equipment and a storage medium of electronic equipment, and relates to intelligent transportation, vehicle and road cooperation and equipment safety technologies in the field of data processing. The specific implementation scheme is as follows: the electronic equipment responds to a trigger condition for detecting password updating, randomly generates a first password, and updates a login password of the electronic equipment into the first password; the electronic device then sends a password update message to the server, the password update message indicating the identity of the electronic device and the first password. And the server updates a database for storing login passwords of different electronic equipment according to the password updating message. Through the process, the safety of the electronic equipment is improved.

Description

Password updating method, device, equipment and storage medium of electronic equipment
Technical Field
The present application relates to intelligent transportation, vehicle and road cooperation, and device security technologies in the field of data processing, and in particular, to a password updating method, apparatus, device, and storage medium for an electronic device.
Background
More electronic devices need to be deployed in an intelligent traffic scene, for example: an On Board Unit (OBU), a Road Side Unit (RSU), an Artificial Intelligence (AI) camera, and the like.
Generally, the electronic device provides a login service so that a maintenance person can log in the electronic device to set up and maintain the electronic device. The login service corresponds to a password, and the password is used for authenticating the access authority of the user to the electronic equipment. The electronic device may be shipped with an initial password, which is typically a known password or a password that can be guessed.
After the electronic device is deployed in an actual traffic scene, if the initial password is still adopted, the safety of the electronic device cannot be ensured, so that the electronic device is easy to be attacked by a hacker, and the traffic safety is affected.
Disclosure of Invention
The application provides a password updating method, a password updating device, equipment and a storage medium of electronic equipment.
According to a first aspect of the present application, there is provided a password updating method for an electronic device, including:
in response to detecting a trigger condition for password update, randomly generating a first password;
updating the login password of the electronic equipment to the first password;
and sending a password updating message, wherein the password updating message is used for indicating the identification of the electronic equipment and the first password.
According to a second aspect of the present application, there is provided a password updating method of an electronic device, including:
receiving a password update message, wherein the password update message is used for indicating an identifier of an electronic device and a first password, and the first password is randomly generated by the electronic device in response to a trigger condition of detecting password update;
and updating a database according to the password updating message, wherein the database is used for storing login passwords of different electronic devices.
According to a third aspect of the present application, there is provided a password updating apparatus of an electronic device, including:
the generation module is used for responding to the trigger condition of detecting password updating and randomly generating a first password;
the updating module is used for updating the login password of the electronic equipment into the first password;
a sending module, configured to send a password update message, where the password update message is used to indicate an identifier of the electronic device and the first password.
According to a fourth aspect of the present application, there is provided a password updating apparatus of an electronic device, including:
a receiving module, configured to receive a password update message, where the password update message is used to indicate an identifier of an electronic device and a first password, and the first password is generated randomly by the electronic device in response to a trigger condition that a password update is detected;
and the processing module is used for updating a database according to the password updating message, wherein the database is used for storing login passwords of different electronic devices.
According to a fifth aspect of the present application, there is provided an electronic device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of the first aspects or to perform the method of any one of the second aspects.
According to a sixth aspect of the present application, there is provided a non-transitory computer readable storage medium having stored thereon computer instructions for causing a computer to perform the method of any one of the first aspects or the method of any one of the second aspects.
According to a seventh aspect of the present application, there is provided a computer program product comprising a computer program which, when executed by a processor, implements the method according to any one of the first aspects or implements the method according to any one of the second aspects.
The application provides a password updating method, a password updating device, equipment and a storage medium of electronic equipment, wherein the method comprises the following steps: responding to a trigger condition for detecting password updating, randomly generating a first password, and updating a login password of the electronic equipment into the first password; a password update message is then sent, the password update message indicating the identity of the electronic device and the first password. In the process, the login password of the electronic equipment is dynamically updated, so that the current login password of the electronic equipment is only effective in a short time, and potential safety hazards caused by the leakage of the login password are reduced; in addition, because the login password updated by the electronic equipment each time is randomly generated, the login passwords of different electronic equipment are different and have no rule, so that the login password of one electronic equipment cannot be applied to other electronic equipment and cannot be used for deducing and guessing the login passwords of other electronic equipment, the safety of the electronic equipment is further improved, and the traffic safety is further improved.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present application, nor do they limit the scope of the present application. Other features of the present application will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not intended to limit the present application. Wherein:
FIG. 1 is a diagram illustrating a system architecture suitable for use in embodiments of the present application;
fig. 2 is a flowchart illustrating a password updating method of an electronic device according to the present application;
fig. 3 is a flowchart illustrating a password updating method of another electronic device provided in the present application;
fig. 4 is a schematic flowchart of a process for obtaining a login password of an electronic device according to the present application;
fig. 5 is a schematic view of a display interface of a terminal device provided in the present application;
fig. 6 is a schematic view of a display interface of another terminal device provided in the present application;
FIG. 7 is a diagram illustrating a password updating process of an electronic device according to the present disclosure;
fig. 8A is a schematic structural diagram of a password updating apparatus of an electronic device according to the present disclosure;
fig. 8B is a schematic structural diagram of a password updating apparatus of another electronic device provided in the present application;
fig. 9A is a schematic structural diagram of a password updating apparatus of another electronic device provided in the present application;
fig. 9B is a schematic structural diagram of a password updating apparatus of another electronic device provided in the present application;
fig. 10 is a schematic structural diagram of an electronic device provided in the present application.
Detailed Description
The following description of the exemplary embodiments of the present application, taken in conjunction with the accompanying drawings, includes various details of the embodiments of the application for the understanding of the same, which are to be considered exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present application. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
The application provides a password updating method, a password updating device, equipment and a storage medium of electronic equipment, which are applied to the fields of intelligent transportation, vehicle and road cooperation and equipment safety in the field of data processing so as to improve the safety of the electronic equipment.
The intelligent transportation vehicle-road cooperative system architecture comprises vehicle-mounted equipment and road side equipment. The On-board device includes an On-board Unit (OBU). The OBU is used to enable vehicle to outside (vehicle to X, V2X) communication. The roadside device comprises a roadside sensing device and a roadside computing device. Roadside sensing devices (e.g., roadside cameras) are connected to roadside computing devices (e.g., roadside computing units (RSCUs)), which are connected to server devices that may communicate with autonomous or assisted driving vehicles in various ways. In another system architecture, the roadside sensing device itself includes a computing function, and the roadside sensing device is directly connected to the server device. The above connections may be wired or wireless; the server device in the application is, for example, a cloud control platform, a vehicle-road cooperative management platform, a central subsystem, an edge computing platform, a cloud computing platform, and the like.
In the application, the vehicle-mounted equipment and the road side equipment deployed in the intelligent traffic scene are collectively referred to as electronic equipment. Electronic devices include, but are not limited to: OBUs, RSUs, Mobile Edge Computing (MEC) devices, webcams, AI cameras, etc.
The electronic device generally provides a login service, so that a maintenance person can log in the electronic device to set and maintain the electronic device. The login service corresponds to a password, and when a user logs in the electronic device, the user needs to input the password so as to authenticate the access authority of the user to the electronic device. The electronic device may be configured with an initial password at the time of shipment, which is generally a known password or a password that can be guessed. For example, the initial password for some devices is "admin," the initial password for some devices is the last 6 digits of the serial number for the device, and so on.
After the electronic device is deployed in an actual traffic scene, if the initial password is still adopted, the safety of the electronic device cannot be ensured. Once the hacker knows the IP address of the device, he can easily hack the electronic device with the initial password, and then attack the electronic device, such as issuing a false V2X message, making a traffic accident maliciously, etc., thereby affecting the traffic safety.
In some possible implementations, the initial password of the electronic device may be changed before the electronic device is deployed to an actual traffic scene. Specifically, the initial password of the same type of electronic equipment is modified into the same sufficiently complex password. For example, the initial password of all AI cameras is modified to a sufficiently complex password containing upper and lower case letters, numbers, and special symbols.
However, in the process of implementing the present application, the inventor finds that even if the initial password is modified into a sufficiently complex password, the security of the electronic device is still low. There are several major security risks:
(1) maintenance personnel need to perform maintenance on the electronic device periodically or event-triggered, for example, logging in the electronic device to obtain a log, replacing a file, performing problem diagnosis, and the like. Therefore, the maintenance personnel inevitably need to know the login password of the electronic device. After the maintenance personnel know the login password of the electronic equipment, the login password is easily leaked due to carelessness of the maintenance personnel or the departure of the maintenance personnel, so that the safety risk of the electronic equipment exists.
(2) Because the login passwords of the electronic devices of the same type are the same, the maintenance personnel can access other electronic devices of the same type as long as the maintenance personnel know the login password of one of the electronic devices.
(3) Maintenance personnel access the electronic equipment at any time, and the electronic equipment is inconvenient to check after the safety problem occurs due to lack of records.
The application provides a password updating method of electronic equipment, which is used for improving the safety of the electronic equipment. The system architecture of the present application is described with reference to fig. 1.
Fig. 1 is a schematic diagram of a system architecture applicable to the embodiment of the present application. As shown in fig. 1, the system architecture includes a server, an electronic device, and a terminal device. The electronic equipment is in communication connection with the server. And the terminal equipment is in communication connection with the server.
The electronic device may be an on-board device, or may be a roadside device. Electronic devices include, but are not limited to: OBUs, RSUs, MECs, webcams, AI cameras, etc.
The server can be a cloud control platform, a vehicle-road cooperative management platform, a central subsystem, an edge computing platform, a cloud computing platform and the like. The server may provide a password storage service, and thus, the server may be referred to as a password management platform. The server may employ distributed storage techniques or techniques that incorporate blockchains. Of course, the server may also employ other storage technologies.
The terminal device may be an electronic device with information processing capability, such as a smart phone, a tablet computer, or a desktop computer. The terminal device can access the server through a webpage or a client side, and acquire information from the server.
In the embodiment of the application, the electronic device randomly generates a first password in response to detecting a trigger condition for password updating, and updates a login password of the electronic device to the first password. Then, the electronic device sends a password updating message to the server, so that the server stores the login password updated by the electronic device. When the maintenance personnel need to log in the electronic equipment, the server can be accessed through the terminal equipment, and the current login password of the electronic equipment is obtained from the server. Furthermore, the maintenance person can log in the electronic device by using the acquired current login password to perform operations such as setting or maintenance on the electronic device.
In the process, the login password of the electronic equipment is not a static password any more, but is dynamically updated along with the trigger condition of password updating, so that the login password of the electronic equipment is effective only in a short time. Even if the login password is leaked by maintenance personnel carelessly, the electronic equipment only has safety risk in a short time, and after the login password is updated next time, the electronic equipment does not have safety risk any more, so that the potential safety hazard of the electronic equipment is effectively reduced.
Furthermore, because the login password updated by the electronic equipment each time is randomly generated, the login passwords of different electronic equipment are different, and the login passwords of different electronic equipment are not regular. Thus, even if the maintenance person knows the login password of one of the electronic devices, the maintenance person cannot use the login password for the other electronic device, and cannot deduce the login password of the other electronic device from the login password, thereby effectively controlling the access of the maintenance person to the other electronic device.
In addition, because the login password of the electronic device is dynamically updated, a maintenance person must query the current login password of the electronic device through the server before accessing the electronic device every time. Therefore, the server can determine which electronic devices are accessed by the maintenance personnel in what time according to the query behavior of the maintenance personnel, and therefore monitoring of the access behavior of the maintenance personnel is achieved.
The technical solution of the present application will be described in detail with reference to several specific examples. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
Fig. 2 is a flowchart illustrating a password updating method of an electronic device according to the present application. As shown in fig. 2, the method of the present embodiment includes:
s201: the electronic device randomly generates a first password in response to detecting a trigger condition for a password update.
S202: and the electronic equipment updates the login password of the electronic equipment to the first password.
Optionally, the randomly generated first password satisfies a preset condition. The preset conditions may include one or more of the following: (1) including a preset number of characters; (2) including upper and lower case letters, numbers, and special characters.
The trigger condition of password updating is used for indicating that the login password of the electronic equipment needs to be updated under certain conditions. The trigger condition for updating the password may be configured by the electronic device by default, may be specified by the server and issued to the electronic device, or may be specified by the user and written into the electronic device.
In one possible implementation, the login password is updated when power-on of the electronic device is detected. In another possible implementation manner, the login password is updated when it is detected that the use duration of the current login password of the electronic device reaches a preset duration. The two above-mentioned methods can also be used in combination.
Illustratively, a new password is randomly generated each time the electronic device is powered on and started, and the login password of the electronic device is updated to the new password. And then, starting a timer, wherein the time length of the timer is a preset time length (for example, 3 hours, 10 hours, 24 hours and the like), randomly generating a new password after the timer is detected to be up, and updating the login password of the electronic equipment to the new password.
It can be understood that the login password of the electronic device is dynamically updated, so that the current login password of the electronic device is only valid in a short time, and the same static login password is not used for a long time as in the prior art. Therefore, even if the login password is leaked by a maintenance person carelessly, the electronic equipment only has safety risk in a short time, and after the login password is updated next time, the electronic equipment does not have safety risk any more, so that the potential safety hazard of the electronic equipment is effectively reduced.
In addition, because the login password updated by the electronic equipment every time is randomly generated, the login passwords of different electronic equipment are different, and the login passwords of different electronic equipment are not regular. Thus, even if the maintenance person knows the login password of one of the electronic devices, the maintenance person cannot use the login password for the other electronic device, and cannot deduce the login password of the other electronic device from the login password, thereby effectively controlling the access of the maintenance person to the other electronic device.
In some possible scenarios, some electronic devices may provide multiple login services, each of which corresponds to a login password. Among these, the various login services include, but are not limited to: a login service based on a Secure Shell Protocol (SSH), a login service based on a remote terminal Protocol (Telnet), a login service based on a File Transfer Protocol (FTP), a login service based on a Secure File Transfer Protocol (SFTP), a login service based on a World Wide Web (Web), and the like.
In this embodiment, the first password corresponding to each login service may be randomly generated. Aiming at any first login service in the multiple login servers, the login password of the first login service of the electronic equipment is changed into a first password corresponding to the first login service. That is, the login password for each login service is dynamically updated at random. Therefore, the login passwords corresponding to the multiple login services of the electronic equipment are different, and the safety of the electronic equipment is further ensured.
Optionally, updating the login password of the electronic device to the first password may include: and updating the current login password into the first password by calling a password updating interface or command provided by the electronic equipment.
For example, for SSH-based login services, a password command may be invoked to update the login password. For the login service based on the WEB, an interface or a command provided by the WEB service can be called to update the login password.
In the embodiment, the password updating of the electronic equipment is realized by calling the password updating interface or command provided by the electronic equipment, the password updating method is flexible and convenient, deep customization of a system of the electronic equipment is not needed, the password updating method can be suitable for various types of electronic equipment and various login services, and the universality is good.
S203: the electronic device sends a password update message to the server.
Accordingly, the server receives a password update message from the electronic device.
The password updating message is used for indicating the identification of the electronic equipment and the first password. The identifier of the electronic device may be a name of the electronic device, or address location description information of the electronic device, or of course, other information of the electronic device may also be used, as long as the electronic device can be uniquely identified.
It should be noted that, in this embodiment, the content and the form of the password update message are not limited as long as the password update message can indicate the identifier of the electronic device and the first password.
It should be understood that when the electronic device provides a plurality of login services, the password update message is used to indicate the identity of the electronic device and the first password corresponding to each login service. In the following examples, the electronic device provides a login service as an example for illustration.
In one example, the password update message may include an identification of the electronic device and the first password. In this way, the server can directly obtain the identifier of the electronic device and the first password from the password update message.
S204: and the server updates the database according to the password updating message, wherein the database is used for storing login passwords of different electronic devices.
Illustratively, the server acquires the identifier of the electronic device and the first password according to the password update message, and stores the identifier of the electronic device and the first password in the database. Or updating the password stored in the database and corresponding to the identifier into the first password.
In this embodiment, when the maintenance person needs to log in the electronic device, the server may be accessed through the terminal device, and the current login password of the electronic device is obtained from the server. Furthermore, the maintenance personnel can log in the electronic equipment by using the acquired current login password to set or maintain the electronic equipment.
The password updating method for the electronic device provided by the embodiment comprises the following steps: the electronic equipment responds to a trigger condition for detecting password updating, randomly generates a first password, and updates a login password of the electronic equipment into the first password; the electronic device then sends a password update message to the server, the password update message indicating the identity of the electronic device and the first password. And the server updates a database for storing login passwords of different electronic equipment according to the password updating message. In the process, the login password of the electronic equipment is dynamically updated, so that the current login password of the electronic equipment is only effective in a short time, and potential safety hazards caused by the leakage of the login password are reduced; in addition, because the login password updated by the electronic equipment each time is randomly generated, the login passwords of different electronic equipment are different and have no rule, so that the login password of one electronic equipment cannot be applied to other electronic equipment and cannot be used for deducing and guessing the login passwords of other electronic equipment, the safety of the electronic equipment is further improved, and the traffic safety is further improved.
Fig. 3 is a flowchart illustrating another password updating method for an electronic device according to the present application. On the basis of the above embodiments, the present embodiment performs encrypted transmission and storage on the first password to further improve the security of the electronic device. As shown in fig. 3, the method of the present embodiment includes:
s301: the electronic device randomly generates a first password in response to detecting a trigger condition for a password update.
S302: and the electronic equipment updates the login password of the electronic equipment into a first password.
It should be understood that the specific implementation of S301 and S302 is similar to S201 and S202, and is not described herein.
S303: the electronic equipment encrypts the first password by using the public key to obtain a ciphertext corresponding to the first password.
S304: the electronic equipment sends a password updating message to a server, wherein the password updating message comprises: and the identification of the electronic equipment and the ciphertext corresponding to the first password.
S305: and the server decrypts the ciphertext by using the private key to obtain a first password.
Specifically, a public key may be deployed in the electronic device in advance, where the public key is used to encrypt the first password to obtain a ciphertext. The server side is provided with a private key corresponding to the public key, and the server decrypts the ciphertext by using the private key to obtain a first password.
In one possible implementation, the electronic device obtains a key identifier; and the electronic equipment encrypts the first password by using the public key corresponding to the key identification to obtain a ciphertext corresponding to the first password.
The key identifications may also be referred to as "public-private key pair identifications", that is, each key identification corresponds to a public key and a private key.
Optionally, when the electronic device is deployed, the electronic device may be assigned a key identifier, and the assigned key identifier may be stored in the electronic device. Therefore, when the electronic device needs to encrypt the first password, the electronic device obtains the key identification stored by the electronic device, and encrypts the first password by using the public key corresponding to the key identification to obtain the ciphertext corresponding to the first password.
For example, the electronic device may be assigned a key identifier according to the type of the electronic device, and the key identifiers assigned by different types of electronic devices may be different. For example, an AI camera is assigned a key identification of X1, an OBU is assigned a key identification of X2, an RSU is assigned a key identification of X3, and so on.
Optionally, the electronic device may be assigned a key identifier according to a region to which the electronic device belongs, and the key identifiers assigned to the electronic devices in different regions may be different. For example, the key identifier assigned to each electronic device in the region 1 is X1, the key identifier assigned to each electronic device in the region 2 is X2, the key identifier assigned to each electronic device in the region 3 is X3, and the like.
Wherein, each electronic device can be assigned one or more key identifications. Alternatively, when an electronic device is assigned with a plurality of key identifications, the electronic device may randomly select one key identification from the plurality of key identifications. Optionally, when a plurality of key identifications are allocated to one electronic device, the electronic device may further select different key identifications for different login services.
In the above various implementation manners, when the electronic device encrypts the first password by using the public key corresponding to the key identifier, and when the electronic device sends a password update message to the server, the key identifier may be carried in the password update message. Correspondingly, after receiving the password updating message from the electronic device, the server can select a private key corresponding to the key identifier to decrypt the ciphertext according to the key identifier.
S306: the server stores the identification of the electronic equipment and the first password in a database; or storing the identifier of the electronic equipment and the ciphertext corresponding to the first password into a database.
That is, the database may store the first password, or may store a ciphertext corresponding to the first password. It can be understood that storing the ciphertext of the first password in the database can make the security of the first password higher, because even if the data in the database is stolen, the thief still cannot obtain the first password because the ciphertext is stored in the database.
When the password update message further includes the key identifier, the server may further store the identifier of the electronic device, the ciphertext corresponding to the first password, and the key identifier in the database. Therefore, when a user needs to inquire the login password of the electronic equipment, the ciphertext and the key identification corresponding to the electronic equipment can be inquired and obtained from the database, and the ciphertext is decrypted by using the private key corresponding to the key identification to obtain the first password.
In this embodiment, the login password of the electronic device is encrypted by using the public key, and only the server having the corresponding private key can decrypt the login password. In the process that the electronic equipment sends the password updating message to the server, even if a communication link is hijacked by a hacker, the hacker cannot decrypt the login password according to the data acquired by the packet capturing, and the security of the login password is ensured.
In addition, by introducing the key identifier, different key identifiers can be deployed on different types of electronic equipment, or different key identifiers can be deployed on electronic equipment in different regions, or different key identifiers can be adopted by different login services, so that key isolation is realized, the domain scope influenced by the key is reduced, and the safety of the electronic equipment is further improved.
The embodiments shown in fig. 2 and 3 describe the process of dynamically updating the login password by the electronic device and storing the login password by the server. The following describes a process of querying a login password of an electronic device through a terminal device by a user in conjunction with an embodiment shown in fig. 4.
Fig. 4 is a schematic flowchart of a process for obtaining a login password of an electronic device according to the present application. As shown in fig. 4, the method of the present embodiment includes:
s401: and the terminal equipment sends a password inquiry instruction to the server, wherein the password inquiry instruction comprises the identification of the target electronic equipment.
The terminal device of this embodiment may be a terminal device of a maintenance person. The terminal device may be deployed with a client of the password management platform, or the terminal device may access the password management platform through a browser. The target electronic equipment is the electronic equipment of which the operator needs to inquire the login password.
Illustratively, the terminal device sends a password inquiry instruction to the server when detecting an inquiry operation input by a user for the target electronic device.
Fig. 5 is a schematic diagram of a display interface of a terminal device provided in the present application. The display interface may be a display interface of a terminal device of a maintenance person. As shown in fig. 5, in the display interface, the maintenance personnel may enter the identification of the target electronic device. And when the terminal equipment detects that the maintenance personnel clicks the query button, a password query instruction is sent to the server, and the password query instruction carries the identification of the electronic equipment input by the maintenance personnel.
S402: and the server acquires the login password of the target electronic equipment from the database according to the identification of the target electronic equipment.
And after receiving the password inquiry command from the terminal equipment, the server acquires the login password of the target electronic equipment by inquiring the database according to the identifier of the target electronic equipment.
In some possible implementations, the database stores ciphertexts of login passwords of a plurality of electronic devices. And after the server queries and obtains a corresponding ciphertext according to the identifier of the target electronic equipment, decrypting the ciphertext by using the private key to obtain a login password.
In other possible implementations, the database stores ciphertexts of login passwords and corresponding key identifications of a plurality of electronic devices. And after the server queries and obtains a corresponding ciphertext according to the identifier of the target electronic equipment, decrypting the ciphertext by using a private key corresponding to the key identifier to obtain the current login password.
S403: and the server sends the login password of the target electronic equipment to the terminal equipment.
S404: and the terminal equipment displays the login password of the target electronic equipment.
As shown in fig. 5, after receiving the login password of the target electronic device from the server, the terminal device displays the login password in the display interface. Therefore, after the maintenance personnel know the login password, the maintenance personnel can log in the electronic equipment by using the login password to carry out related operation.
In a possible implementation manner, the password query instruction further includes an identifier of a user (i.e., a maintenance person), and before querying the database, the server may further determine that the user has a right to query the login password of the target electronic device according to the identifier of the user.
Specifically, the server may store a permission table, where the permission table is used to record which electronic devices each user (maintenance staff) has permission to query for a login password. The permission table may be configured and maintained by an administrator of the server. Specifically, which maintenance personnel have the inquiry authority of the login password can be set individually for each electronic device, so that fine-grained control over the access authority of the electronic device is realized.
If the server determines that the user does not have the authority to query the login password of the target electronic equipment, prompt information can be returned to the terminal equipment to prompt that the user does not have the query authority.
By judging the user authority, the user can only inquire the login password of the electronic equipment within the authority range of the user, so that the safety of the electronic equipment is ensured.
In a possible implementation manner, after the server receives the password query instruction from the terminal device, the method further includes: and generating a password inquiry record and writing the password inquiry record into a log file. The password inquiry record is used for recording the inquiry action of a user on the login password of the electronic equipment. The password query record may include: an identification of the user and an identification of the electronic device queried by the user.
Optionally, the password query record may further include: and (5) authentication result. The authentication result refers to a result of judging whether the user has the inquiry authority of the login password of the electronic device.
Fig. 6 is a schematic diagram of a display interface of another terminal device provided in the present application. The interface may be a display interface of the terminal device of the administrator. The administrator can inquire the historical inquiry behavior of a certain maintenance person through the display interface. As shown in fig. 6, the interface displays: the maintainer, identified as a1, had queried the login password for 7 electronic devices. The identifications of the 7 electronic devices are respectively B1, B2, B3, B4, B5, B6 and B7. The maintenance personnel have the inquiry authority of the electronic devices B1, B2, B3, B4 and B5 and do not have the inquiry authority of the electronic devices B6 and B7.
In this embodiment, the query behavior of the user is recorded in the log file, so that the query can be performed in subsequent needs. For example, when a problem occurs in the operation of the electronic device, a maintenance person who last accessed the electronic device can be quickly tracked according to the log file, and the operation and setting performed by the maintenance person can be confirmed, so that the problem can be quickly solved. In addition, the log file can be used for counting and analyzing the query behavior of a certain maintainer (such as the query behavior of a certain maintainer with high frequency and multiple devices) so as to find out the maintainer with abnormal behavior in time, thereby reducing the risk of abnormal access of the electronic device.
In practical application, the server can also automatically synchronize the information of the on-duty state of the maintainers, and after the maintainers leave duty, the maintainers can automatically log out the account number of the maintainers on the password management platform, so that the maintenance staff who leave duty can not obtain the latest login password of the electronic equipment any more. Because the login password is dynamically updated, the off-duty maintainer cannot use the login password obtained before to continuously access the electronic equipment, and the permission recovery of the off-duty maintainer is realized.
On the basis of any of the above embodiments, the following describes the present application with a specific example in conjunction with fig. 7.
Fig. 7 is a schematic diagram of a password updating process of an electronic device provided in the present application. As shown in fig. 7, taking an AI camera as an example, assume that the AI camera provides SSH login service. And the AI camera randomly generates an SSH login password every time the AI camera is powered on or every preset time, and sets the newly generated SSH login password as the current login password. The AI camera encrypts the newly generated SSH login password by using the public key to obtain a ciphertext, and sends the identification of the AI camera and the encrypted SSH login password to the server. And the server decrypts the ciphertext by using the private key, and stores the identifier of the AI camera and the ciphertext into the database if the decryption is successful.
When a user needs to access the AI camera, the user sends the identification of the AI camera to the server through the terminal equipment. And the server queries the data base according to the identification to obtain a ciphertext corresponding to the AI camera, decrypts the ciphertext by using a private key to obtain an SSH login password, and sends the SSH login password to the terminal equipment. And the terminal equipment displays the SSH login password, so that the user can obtain the SSH login password of the AI camera. In turn, the user may access the AI camera using the SSH login password to perform relevant operations on the AI camera.
It should be noted that, in any of the embodiments, the process of decrypting the ciphertext by using the private Key by the server may be implemented by a Key Management System (KMS). Specifically, the server calls a decryption interface provided by the KMS to decrypt the ciphertext. The server does not directly obtain the private key, the private key is always stored in the KMS, the private key only participates in operation in the KMS and never is exposed outside, namely, the server can only use the private key to decrypt and cannot directly obtain the private key. Even if a hacker invades the server, the hacker cannot acquire the private key due to the protection of the KMS, and the security of the login password is guaranteed.
Fig. 8A is a schematic structural diagram of a password updating apparatus of an electronic device provided in the present application, where the apparatus of this embodiment may be in the form of software and/or hardware. The apparatus of the present embodiment may be provided in an electronic device. As shown in fig. 8A, the password updating apparatus 800 of the electronic device according to the present embodiment includes: a generation module 801, an update module 802 and a sending module 803.
The generation module 801 is configured to randomly generate a first password in response to detecting a trigger condition of password update;
an updating module 802, configured to update the login password of the electronic device to the first password;
a sending module 802, configured to send a password update message, where the password update message is used to indicate the identifier of the electronic device and the first password.
In a possible implementation manner, the generating module 801 is specifically configured to:
and randomly generating a first password after the electronic equipment is detected to be powered on or the use time of the current login password of the electronic equipment is detected to reach a preset time.
In one possible implementation, the electronic device provides a plurality of login services; the generating module 801 is specifically configured to: respectively randomly generating a first password corresponding to each login service;
the update module 802 is specifically configured to: and aiming at any first login service in the plurality of login services, updating the login password of the first login service of the electronic equipment to the first password corresponding to the first login service.
Fig. 8B is a schematic structural diagram of another password updating apparatus of an electronic device provided in the present application, and based on the embodiment shown in fig. 8A, as shown in fig. 8B, the password updating apparatus 800 of an electronic device provided in this embodiment may further include: an encryption module 804.
The encryption module 804 is configured to encrypt the first password by using a public key to obtain a ciphertext corresponding to the first password;
the password update message includes: and the identification of the electronic equipment and the ciphertext corresponding to the first password.
In a possible implementation manner, the encryption module 804 is specifically configured to:
acquiring a key identification;
encrypting the first password by using the public key corresponding to the key identification to obtain a ciphertext corresponding to the first password;
the password update message further includes the key identification.
The apparatus shown in fig. 8A and 8B may be used to execute the method executed by the electronic device in any of the above method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 9A is a schematic structural diagram of a password updating apparatus of another electronic device provided in the present application. The apparatus of the present embodiment may be in the form of software and/or hardware. The apparatus of the present embodiment may be provided in a server. As shown in fig. 9A, the password updating apparatus 900 of the electronic device provided in this embodiment includes: a receiving module 901 and a processing module 902.
The receiving module 901 is configured to receive a password update message, where the password update message is used to indicate an identifier of an electronic device and a first password, and the first password is randomly generated by the electronic device in response to a trigger condition that a password update is detected;
a processing module 902, configured to update a database according to the password update message, where the database is used to store login passwords of different electronic devices.
In one possible implementation, the password update message includes: the identification of the electronic equipment and the ciphertext corresponding to the first password; the processing module 902 is specifically configured to:
decrypting the ciphertext by using a private key to obtain the first password;
and storing the identifier of the electronic equipment and the ciphertext into a database, or storing the identifier of the electronic equipment and the first password into the database.
In a possible implementation manner, the password update message further includes a key identifier; the processing module 902 is specifically configured to:
decrypting the ciphertext by using a private key corresponding to the key identification to obtain the first password;
and storing the identification of the electronic equipment, the ciphertext and the key identification into a database.
Fig. 9B is a schematic structural diagram of a password updating apparatus of another electronic device provided in the present application. As shown in fig. 9B, on the basis of the embodiment shown in fig. 9A, the apparatus of this embodiment may further include: a sending module 903.
The receiving module 901 is further configured to receive a password query instruction, where the password query instruction includes an identifier of a target electronic device;
the processing module 902 is further configured to obtain a login password of the target electronic device from the database according to the identifier of the target electronic device;
a sending module 903, configured to send the login password of the target electronic device.
In a possible implementation manner, the password query instruction further includes: an identification of the user; the processing module 902 is further configured to:
before the login password of the target electronic equipment is acquired from the database according to the identifier of the target electronic equipment, determining that the user has the authority of inquiring the login password of the target electronic equipment according to the identifier of the user.
In a possible implementation manner, the processing module 902 is further configured to:
generating a password query record, the password query record comprising: an identity of the user and an identity of the electronic device;
and writing the password inquiry record into a log file.
The apparatuses shown in fig. 9A and 9B may be used to implement the method executed by the server in any of the above method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
According to an embodiment of the present application, there is also provided an electronic device including: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method performed by the electronic device in the above method embodiments. The implementation principle and the technical effect are similar, and the detailed description is omitted here.
According to an embodiment of the present application, there is also provided an electronic device including: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method performed by the server in the above method embodiments. The implementation principle and the technical effect are similar, and the detailed description is omitted here.
According to an embodiment of the present application, there is also provided a non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method performed by an electronic device in the above method embodiment or perform the method performed by a server in the above method embodiment. The implementation principle and the technical effect are similar, and the detailed description is omitted here.
According to an embodiment of the present application, there is also provided a computer program product, including a computer program, which when executed by a processor, implements the method performed by the electronic device in the above method embodiment, or performs the method performed by the server in the above method embodiment. The implementation principle and the technical effect are similar, and the detailed description is omitted here.
FIG. 10 shows a schematic block diagram of an example electronic device 1000 that may be used to implement embodiments of the present application. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the present application that are described and/or claimed herein.
As shown in fig. 10, the electronic device 1000 includes a computing unit 1001 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM)1002 or a computer program loaded from a storage unit 1008 into a Random Access Memory (RAM) 1003. In the RAM 1003, various programs and data necessary for the operation of the apparatus can also be stored. The calculation unit 1001, the ROM 1002, and the RAM 1003 are connected to each other by a bus 1004. An input/output (I/O) interface 1005 is also connected to bus 1004.
A number of components in the device are connected to I/O interface 1005, including: an input unit 1006 such as a keyboard, a mouse, and the like; an output unit 1007 such as various types of displays, speakers, and the like; a storage unit 1008 such as a magnetic disk, an optical disk, or the like; and a communication unit 1009 such as a network card, a modem, a wireless communication transceiver, or the like. The communication unit 1009 allows the device to exchange information/data with other devices through a computer network such as the internet and/or various telecommunication networks.
Computing unit 1001 may be a variety of general and/or special purpose processing components with processing and computing capabilities. Some examples of the computing unit 1001 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, and so forth. The calculation unit 1001 executes the respective methods and processes described above, such as the password update method of the electronic apparatus. For example, in some embodiments, the password update method of the electronic device may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as the storage unit 1008. In some embodiments, part or all of the computer program may be loaded and/or installed onto the device via ROM 1002 and/or communications unit 1009. When the computer program is loaded into the RAM 1003 and executed by the computing unit 1001, one or more steps of the above described password updating method of the electronic device may be performed. Alternatively, in other embodiments, the computing unit 1001 may be configured by any other suitable means (e.g. by means of firmware) to perform the password update method of the electronic device.
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for implementing the methods of the present application may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this application, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The Server can be a cloud Server, also called a cloud computing Server or a cloud host, and is a host product in a cloud computing service system, so as to solve the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service ("Virtual Private Server", or simply "VPS"). The server may also be a server of a distributed system, or a server incorporating a blockchain.
According to an embodiment of the application, the application also provides a transportation device, and the transportation device comprises the electronic device provided in fig. 10.
For example, the transportation device includes a processor and a memory therein. A memory for storing a program; memory, which may include volatile memory, such as random access memory, e.g., static random access memory, double data rate synchronous dynamic random access memory, etc.; the memory may also include non-volatile memory, such as flash memory. The memories are used to store computer programs (e.g., applications, functional modules, etc. that implement the above-described methods), computer instructions, etc., which may be stored in partition in the memory or memories. And the computer programs, computer instructions, data, etc. described above may be invoked by a processor.
The computer programs, computer instructions, etc. described above may be stored in one or more memories in a partitioned manner. And the above-mentioned computer program, computer instruction, etc. may be called by the processor.
In the transportation device, a processor is used for executing the computer program stored in the memory so as to realize the steps of the method related to the embodiment.
Reference may be made in particular to the description relating to the preceding method embodiment.
In a transportation device, the processor and the memory may be separate structures or may be an integrated structure integrated together. When the processor and the memory are separate structures, the memory, the processor may be coupled by a bus.
The traffic device of this embodiment may execute the technical solution in the above method, and the specific implementation process and the technical principle are the same, which are not described herein again.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present application may be executed in parallel, sequentially, or in different orders, and the present invention is not limited thereto as long as the desired results of the technical solutions disclosed in the present application can be achieved.
The above-described embodiments should not be construed as limiting the scope of the present application. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (25)

1. A password updating method of an electronic device comprises the following steps:
in response to detecting a trigger condition for password update, randomly generating a first password;
updating the login password of the electronic equipment to the first password;
and sending a password updating message, wherein the password updating message is used for indicating the identification of the electronic equipment and the first password.
2. The method of claim 1, wherein the detecting a trigger condition for a password update comprises:
detecting that the electronic device is powered on, or,
and detecting that the use time of the current login password of the electronic equipment reaches a preset time.
3. The method of claim 1 or 2, wherein the electronic device provides a plurality of login services; the randomly generating a first password comprises:
respectively randomly generating a first password corresponding to each login service;
updating the login password of the electronic device to the first password, including:
and aiming at any first login service in the plurality of login services, updating the login password of the first login service of the electronic equipment to the first password corresponding to the first login service.
4. The method of any of claims 1 to 3, prior to sending the password update message, further comprising:
encrypting the first password by using a public key to obtain a ciphertext corresponding to the first password;
the password update message includes: and the identification of the electronic equipment and the ciphertext corresponding to the first password.
5. The method of claim 4, wherein encrypting the first password with a public key to obtain a ciphertext corresponding to the first password comprises:
acquiring a key identification;
encrypting the first password by using the public key corresponding to the key identification to obtain a ciphertext corresponding to the first password;
the password update message further includes the key identification.
6. A password updating method of an electronic device comprises the following steps:
receiving a password update message, wherein the password update message is used for indicating an identifier of an electronic device and a first password, and the first password is randomly generated by the electronic device in response to a trigger condition of detecting password update;
and updating a database according to the password updating message, wherein the database is used for storing login passwords of different electronic devices.
7. The method of claim 6, wherein the password update message comprises: the identification of the electronic equipment and the ciphertext corresponding to the first password;
updating the database according to the password updating message, comprising:
decrypting the ciphertext by using a private key to obtain the first password;
and storing the identifier of the electronic equipment and the ciphertext into a database, or storing the identifier of the electronic equipment and the first password into the database.
8. The method of claim 7, wherein the password update message further comprises a key identification; the decrypting the ciphertext by using the private key to obtain the first password comprises:
decrypting the ciphertext by using a private key corresponding to the key identification to obtain the first password;
the storing the identifier of the electronic device and the ciphertext into a database includes:
and storing the identification of the electronic equipment, the ciphertext and the key identification into a database.
9. The method of any of claims 6 to 8, further comprising:
receiving a password query instruction, wherein the password query instruction comprises an identifier of a target electronic device;
acquiring a login password of the target electronic equipment from the database according to the identifier of the target electronic equipment;
and sending the login password of the target electronic equipment.
10. The method of claim 9, wherein the password query instruction further comprises: an identification of the user; before obtaining the login password of the target electronic device from the database according to the identifier of the target electronic device, the method further includes:
and determining that the user has the authority of inquiring the login password of the target electronic equipment according to the identification of the user.
11. The method of claim 10, after receiving the password query instruction, further comprising:
generating a password query record, the password query record comprising: an identity of the user and an identity of the electronic device;
and writing the password inquiry record into a log file.
12. A password updating apparatus of an electronic device, comprising:
the generation module is used for responding to the trigger condition of detecting password updating and randomly generating a first password;
the updating module is used for updating the login password of the electronic equipment into the first password;
a sending module, configured to send a password update message, where the password update message is used to indicate an identifier of the electronic device and the first password.
13. The apparatus of claim 12, wherein the generation module is specifically configured to:
and in response to the fact that the electronic equipment is powered on or the fact that the use time of the current login password of the electronic equipment reaches the preset time, randomly generating a first password.
14. The apparatus of claim 12 or 13, the electronic device providing a plurality of login services; the generation module is specifically configured to: respectively randomly generating a first password corresponding to each login service;
the update module is specifically configured to: and aiming at any first login service in the plurality of login services, updating the login password of the first login service of the electronic equipment to the first password corresponding to the first login service.
15. The apparatus of any of claims 12 to 14, further comprising:
the encryption module is used for encrypting the first password by using a public key to obtain a ciphertext corresponding to the first password;
the password update message includes: and the identification of the electronic equipment and the ciphertext corresponding to the first password.
16. The apparatus of claim 15, the encryption module to:
acquiring a key identification;
encrypting the first password by using the public key corresponding to the key identification to obtain a ciphertext corresponding to the first password;
the password update message further includes the key identification.
17. A password updating apparatus of an electronic device, comprising:
a receiving module, configured to receive a password update message, where the password update message is used to indicate an identifier of an electronic device and a first password, and the first password is generated randomly by the electronic device in response to a trigger condition that a password update is detected;
and the processing module is used for updating a database according to the password updating message, wherein the database is used for storing login passwords of different electronic devices.
18. The apparatus of claim 17, wherein the password update message comprises: the identification of the electronic equipment and the ciphertext corresponding to the first password; the processing module is specifically configured to:
decrypting the ciphertext by using a private key to obtain the first password;
and storing the identifier of the electronic equipment and the ciphertext into a database, or storing the identifier of the electronic equipment and the first password into the database.
19. The apparatus of claim 18, wherein the password update message further comprises a key identification; the processing module is specifically configured to:
decrypting the ciphertext by using a private key corresponding to the key identification to obtain the first password;
and storing the identification of the electronic equipment, the ciphertext and the key identification into a database.
20. The apparatus according to any one of claims 17 to 19, wherein the receiving module is further configured to receive a password query instruction, where the password query instruction includes an identifier of a target electronic device;
the processing module is further used for acquiring a login password of the target electronic equipment from the database according to the identifier of the target electronic equipment;
the device further comprises:
and the sending module is used for sending the login password of the target electronic equipment.
21. The apparatus of claim 20, wherein the password lookup instruction further comprises: an identification of the user; the processing module is further configured to:
before the login password of the target electronic equipment is acquired from the database according to the identifier of the target electronic equipment, determining that the user has the authority of inquiring the login password of the target electronic equipment according to the identifier of the user.
22. The apparatus of claim 21, the processing module further to:
generating a password query record, the password query record comprising: an identity of the user and an identity of the electronic device;
and writing the password inquiry record into a log file.
23. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1 to 5 or to perform the method of any one of claims 6 to 11.
24. A non-transitory computer readable storage medium having stored thereon computer instructions for causing a computer to perform the method of any one of claims 1 to 5 or to perform the method of any one of claims 6 to 11.
25. A computer program product comprising a computer program which, when executed by a processor, implements the method of any one of claims 1 to 5, or implements the method of any one of claims 6 to 11.
CN202011496887.XA 2020-12-17 2020-12-17 Password updating method, device, equipment and storage medium of electronic equipment Withdrawn CN112560015A (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
CN202011496887.XA CN112560015A (en) 2020-12-17 2020-12-17 Password updating method, device, equipment and storage medium of electronic equipment
EP21181679.8A EP3869366B1 (en) 2020-12-17 2021-06-25 Method and apparatus for updating password of electronic device, device and storage medium
KR1020210086403A KR102581873B1 (en) 2020-12-17 2021-07-01 Method and apparatus for updating password of electronic device, device and storage medium
JP2021110576A JP2021166401A (en) 2020-12-17 2021-07-02 Method, apparatus, device and storage medium for updating password of electronic device
US17/383,193 US11880450B2 (en) 2020-12-17 2021-07-22 Method and apparatus for updating password of electronic device, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011496887.XA CN112560015A (en) 2020-12-17 2020-12-17 Password updating method, device, equipment and storage medium of electronic equipment

Publications (1)

Publication Number Publication Date
CN112560015A true CN112560015A (en) 2021-03-26

Family

ID=75063108

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011496887.XA Withdrawn CN112560015A (en) 2020-12-17 2020-12-17 Password updating method, device, equipment and storage medium of electronic equipment

Country Status (5)

Country Link
US (1) US11880450B2 (en)
EP (1) EP3869366B1 (en)
JP (1) JP2021166401A (en)
KR (1) KR102581873B1 (en)
CN (1) CN112560015A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114866335A (en) * 2022-06-09 2022-08-05 三星电子(中国)研发中心 Password synchronization method, electronic equipment and server for password synchronization
CN115529175A (en) * 2022-09-16 2022-12-27 曲誉环境综合治理有限公司 Industrial equipment authentication login method and device
CN117478326A (en) * 2023-12-28 2024-01-30 深圳万物安全科技有限公司 Key escrow method, device, terminal equipment and storage medium

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114120497A (en) * 2021-12-28 2022-03-01 深圳市欧瑞博科技股份有限公司 Communication method and device of intelligent door lock, intelligent door lock and storage medium
CN115277180B (en) * 2022-07-26 2023-04-28 电子科技大学 Block chain log anomaly detection and tracing system
CN115203676B (en) * 2022-09-06 2023-01-03 北京圣博润高新技术股份有限公司 Database connection method, database connection device, proxy server and medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109472130A (en) * 2018-11-13 2019-03-15 试金石信用服务有限公司 Linux cipher management method, middle control machine, readable storage medium storing program for executing
CN110826052A (en) * 2019-10-18 2020-02-21 上海易点时空网络有限公司 Method and device for protecting server password security
CN110891062A (en) * 2019-11-27 2020-03-17 中铁程科技有限责任公司 Password changing method, server and storage medium

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7249261B2 (en) * 2001-10-16 2007-07-24 Activcard Ireland Limited Method for securely supporting password change
JP3955827B2 (en) 2003-02-27 2007-08-08 イニシア株式会社 ID, password, etc. automatic input program and recording medium
JP4395651B2 (en) * 2003-09-30 2010-01-13 キヤノンマーケティングジャパン株式会社 Authentication server, authentication system, authentication method, program, and recording medium
JP2008233970A (en) 2007-03-16 2008-10-02 Pioneer Electronic Corp Information communication system and information communication method
JP4844980B2 (en) * 2007-11-08 2011-12-28 Necフィールディング株式会社 Information management system, portable terminal, server device, information processing method and program
US20090260074A1 (en) * 2008-04-10 2009-10-15 Qlayer Nv System and method for application level access to virtual server environments
US8984295B2 (en) * 2011-03-31 2015-03-17 Echostar Technologies L.L.C. Secure access to electronic devices
US9305160B2 (en) * 2014-04-04 2016-04-05 PassedWord LLC Method and system for automatic updating of randomly generated user passwords
US10212136B1 (en) 2014-07-07 2019-02-19 Microstrategy Incorporated Workstation log-in
JP5834118B2 (en) 2014-08-07 2015-12-16 株式会社東芝 Information operation device, information output device, and information operation program
CN104202306B (en) * 2014-08-15 2015-10-14 小米科技有限责任公司 Access authentication method, Apparatus and system
US9824208B2 (en) * 2015-07-06 2017-11-21 Unisys Corporation Cloud-based active password manager
US10078748B2 (en) 2015-11-13 2018-09-18 Microsoft Technology Licensing, Llc Unlock and recovery for encrypted devices
CN110138554A (en) * 2015-12-10 2019-08-16 深圳市大疆创新科技有限公司 Data connection, transmission, reception, the method and system of interaction and aircraft
CN107959567B (en) * 2016-10-14 2021-07-27 阿里巴巴集团控股有限公司 Data storage method, data acquisition method, device and system
US20200026848A1 (en) * 2016-11-30 2020-01-23 Mitsubishi Electric Corporation Information processing apparatus and information processing method
CN109150907B (en) * 2018-09-30 2021-10-12 百度在线网络技术(北京)有限公司 Vehicle-mounted industrial personal computer login method, device, system, computer equipment and medium
CN110943976B (en) 2019-11-08 2022-01-18 中国电子科技网络信息安全有限公司 Password-based user signature private key management method
CN111126533B (en) 2020-01-08 2023-06-23 牛津(海南)区块链研究院有限公司 Identity authentication method and device based on dynamic password and dynamic token
JP2020089788A (en) 2020-03-12 2020-06-11 株式会社三共 System for game

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109472130A (en) * 2018-11-13 2019-03-15 试金石信用服务有限公司 Linux cipher management method, middle control machine, readable storage medium storing program for executing
CN110826052A (en) * 2019-10-18 2020-02-21 上海易点时空网络有限公司 Method and device for protecting server password security
CN110891062A (en) * 2019-11-27 2020-03-17 中铁程科技有限责任公司 Password changing method, server and storage medium

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114866335A (en) * 2022-06-09 2022-08-05 三星电子(中国)研发中心 Password synchronization method, electronic equipment and server for password synchronization
CN115529175A (en) * 2022-09-16 2022-12-27 曲誉环境综合治理有限公司 Industrial equipment authentication login method and device
CN117478326A (en) * 2023-12-28 2024-01-30 深圳万物安全科技有限公司 Key escrow method, device, terminal equipment and storage medium
CN117478326B (en) * 2023-12-28 2024-04-09 深圳万物安全科技有限公司 Key escrow method, device, terminal equipment and storage medium

Also Published As

Publication number Publication date
KR20210102120A (en) 2021-08-19
EP3869366B1 (en) 2023-02-08
JP2021166401A (en) 2021-10-14
EP3869366A1 (en) 2021-08-25
KR102581873B1 (en) 2023-09-25
US20210349989A1 (en) 2021-11-11
US11880450B2 (en) 2024-01-23

Similar Documents

Publication Publication Date Title
CN112560015A (en) Password updating method, device, equipment and storage medium of electronic equipment
TWI756439B (en) Network access authentication method, device and system
US9654480B2 (en) Systems and methods for profiling client devices
CN111737366B (en) Private data processing method, device, equipment and storage medium of block chain
US9374360B2 (en) System and method for single-sign-on in virtual desktop infrastructure environment
US11240008B2 (en) Key management method, security chip, service server and information system
KR20150079740A (en) Hardware-based device authentication
CN105262773B (en) A kind of verification method and device of Internet of things system
US11843601B2 (en) Methods, systems, and computer readable mediums for securely establishing credential data for a computing device
CN104320389A (en) Fusion identify protection system and fusion identify protection method based on cloud computing
CN112669104B (en) Data processing method of leasing equipment
EP3425550B1 (en) Transaction method, transaction information processing method, transaction terminal and server
CN103139201A (en) Network strategy acquiring method and data center switchboard
KR102576894B1 (en) Method for managing encryption keys inside the vehicle
CN113992387B (en) Resource management method, device, system, electronic equipment and readable storage medium
CN108900595A (en) Access method, apparatus, equipment and the calculation medium of cloud storage service device data
CN113079506B (en) Network security authentication method, device and equipment
CN114117388A (en) Device registration method, device registration apparatus, electronic device, and storage medium
KR102057564B1 (en) User Authentication System Using Authentication Variable And Method Thereof
KR102145529B1 (en) Payment method using mobile application and device for the same
JP2023535474A (en) ASSOCIATION CONTROL METHOD AND RELATED DEVICE
CN111242770B (en) Risk equipment identification method and device, electronic equipment and readable storage medium
CN114374508B (en) Network security protection method, system, device, security switch and storage medium
CN116015961A (en) Control processing method, security CPE, system and medium of down-hanging terminal equipment
EP3657760A1 (en) Method of managing network access of a device and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20211021

Address after: 100176 101, floor 1, building 1, yard 7, Ruihe West 2nd Road, Beijing Economic and Technological Development Zone, Daxing District, Beijing

Applicant after: Apollo Zhilian (Beijing) Technology Co.,Ltd.

Address before: 2 / F, baidu building, 10 Shangdi 10th Street, Haidian District, Beijing 100085

Applicant before: BEIJING BAIDU NETCOM SCIENCE AND TECHNOLOGY Co.,Ltd.

WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20210326